CVE-2008-1583: PICT images can lead to an heap overflow and code execution

CVE-2008-1584: Indeo video codec can lead to a stack buffer overflow and code execution - note the fix: "This update addresses the issue by not rendering Indeo video codec content."

CVE-2008-1585: handling of file: URLs in QuickTime files could lead to an attacker controlled application launch and code execution - note the fix: "This update addresses the issue by revealing files in Finder or Windows Explorer rather than launching them."